b77a4251c8c911f7993594bff83caa7f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b77a4251c8c911f7993594bff83caa7f_JaffaCakes118
Size

208KB
MD5

b77a4251c8c911f7993594bff83caa7f
SHA1

84069ced6e48ed80d2f73d72dce8db390aa21375
SHA256

2d5889ffe3483031ddf0b399f21af525cc491a1e7e2953324499ad21621ff19d
SHA512

7e3a6e7bd311683d388049fe126ff49986576be71e89e17a94545e7a19a5c8a9d11973e89c94d3c59ad2da37c3dee277eb3f266bb39e73399caca72e44a17a92
SSDEEP

3072:YfuPA1GTvoVBPjR74Z5kDx0iLNGoZU8RIXyXLidZ2Nu3ATf:USsfPdMH2zLNGoa8RUyeA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b77a4251c8c911f7993594bff83caa7f_JaffaCakes118

Files

b77a4251c8c911f7993594bff83caa7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f30fdf3c60fcb9bb161f76be8f82c8b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
HeapFree
InterlockedDecrement
DeleteCriticalSection
CreateEventW
ExitProcess
TerminateProcess
FreeLibrary
GetProcAddress
InterlockedExchange
EnterCriticalSection
GetVersionExW
GetStringTypeW
lstrlenW
GetEnvironmentStringsW
HeapAlloc
ResetEvent
Sleep
VirtualAlloc
GetCurrentThread
GetEnvironmentStrings
GetOEMCP
GetVersionExA
CompareStringW
CompareStringA
RtlUnwind
GetCommandLineA
GetProcessHeap
GetStartupInfoA
VirtualQuery
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
FatalAppExitA
SetConsoleCtrlHandler
InitializeCriticalSection
GetCPInfo
GetACP
HeapReAlloc
HeapSize
MultiByteToWideChar
GetLocaleInfoA
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetStringTypeA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetTimeZoneInformation
SetEnvironmentVariableA

advapi32

RegSetValueExW
RegOpenKeyExA
InitializeAcl
RegCloseKey
RegSetValueExA

shlwapi

SHDeleteValueW

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f30fdf3c60fcb9bb161f76be8f82c8b2

Headers

File Characteristics

Imports

kernel32

advapi32

shlwapi

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 216B

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 216B